» SimCity - Skidrow.exe
Overview
Analysis
File Details
Downloads (1)

SimCity - Skidrow.exe

SimCity

The executable SimCity - Skidrow.exe has been detected as malware by 13 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from gry-skidrow.pl.

File name:

Product:

SimCity

Version:

1.0.0.0

MD5:

31bfc13a1e6ce6f743bd0ff04c3f3564

SHA-1:

987056026bd6b5d6b54511676cfaa49f3c4296fd

SHA-256:

b5d131dcced9f3d57e99ca0e402bde0534238de61d126d9c136b9175564d4b50

Scanner detections:

13 / 68

Status:

Malware

Analysis date:

11/15/2024 12:52:27 PM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Trojan.Surveyer

7.1.1

Avira AntiVirus

TR/Surveyer.18506752

8.3.2.4

Baidu Antivirus

Trojan.MSIL.Surveyer

4.0.3.16222

Comodo Security

UnclassifiedMalware

23833

ESET NOD32

MSIL/Surveyer.CU (variant)

10.12767

Fortinet FortiGate

MSIL/Surveyer.CU!tr

2/22/2016

IKARUS anti.virus

Trojan.MSIL.Surveyer

t3scan.1.9.5.0

K7 AntiVirus

Trojan

13.212.18197

Malwarebytes

Trojan.Surveyer.MSIL

v2016.02.22.11

McAfee

Artemis!31BFC13A1E6C

5600.6482

Rising Antivirus

PE:Malware.Generic/QRS!1.9E2D [F]

23.00.65.16220

Sophos

Mal/Generic-S

4.98

VIPRE Antivirus

Trojan.Win32.Generic

45948

File size:

17.6 MB (18,506,752 bytes)

Product version:

1.0.0.0

Original file name:

SimCity - Skidrow.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\simcity - skidrow.exe

File PE Metadata

Compilation timestamp:

8/5/2015 3:20:15 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

393216:5fgKKuaqPuapxb2nseCJz/ghhtCiVtLsiw1s5cWSK+bsAf:5faqPlR2ni0hhtCiV6mLBAf

Entry address:

0x1155FFE

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

17.3 MB (18,170,368 bytes)

The file SimCity - Skidrow.exe has been seen being distributed by the following URL.

http://gry-skidrow.pl/scinstall

Remove SimCity - Skidrow.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.